Coding rules extractor into the Sonar format.
Project description
.. -*- restructuredtext -*-
======================================
Sonar Quality Analysis Rules Extractor
======================================
What is the Sonar Rules Extractor?
==================================
The extractor is a tool that extracts the violation rules from analysis tools like Cppcheck,
C++Test, Klocwork, etc. and converts them into Sonar rules.
Why converting those rules into Sonar rules?
============================================
When we are doing a conformity analysis of coding rules, the output of this analysis gives us
a link between the line of the source file where the rule has been violated and the ``ID`` of
this violated rule. An association between a rule ``ID`` and its description has to be given to
Sonar.
To take into account all the custom rules developed in the quality analysis tools, it is
necessary to have a utility which exports those tools' rules. **The Sonar Rules Extractor is there
for that.**
.. note:: Sonar has by default five kinds of rule severity: ``Blocker``, ``Critical``, ``Major``,
``Minor``, ``Info``. But it is not the case for all the analysis tools. For example, in Klocwork,
the severities are represented by numbers : 1 (Critical) to 10 (Info).
The *Sonar Rules Extractor* will have a mapping of those levels so they mean something to Sonar.
How to install it?
==================
If you have Python **setuptools** already installed and have a direct internet connection, you just need
to run the following command: ::
root@localhost:~# easy_install -O2 sonar-rules-extractor
If Python **setuptools** is not installed, please install it first.
If you don't have a direct connection to the internet, download a package suitable to your distribution
and install it. ::
root@localhost:~# tar zxvf sonar-rules-extractor*.tar.gz
...
root@localhost:~# cd sonar-rules-extractor*
root@localhost:~# python setup.py install -O2
...
root@localhost:~#
For windows users who don't want to run the command line installer, there is a native ``.exe`` package.
How to extract rules from code analysis tools?
==============================================
The **Sonar Rules Extractor** comes with a command line tool ``sonar-rules-extractor``. You can run it
with the ``--help`` option to get info. ::
root@localhost:~# sonar-rules-extractor --help
Usage: sonar-rules-extractor [options] tool <input args...>
<input args...> depend on the tool. Generally, if no args are provided,
standard input is read.
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-p MODULE, --plugin=MODULE
Before extraction, import the specified module and
look for classes that inherit "Extractor" which can be
used in addtion to the built-in ones. This option can
be used multiple times.
-f, --format-xml Pretty format XML output.
-l, --list-tools List all available tools.
You can get the list of available supported tools with this command: ::
root@localhost:~# sonar-rules-extractor --list-tools
pylint, klocwork, cpptest, gnatcheck, qac, qacpp, cppcheck, logiscope
Here is an example extraction for PyLint: ::
root@localhost:~# pylint --list-msgs | sonar-rules-extractor pylint --format-xml > pylint-sonar-rules.xml
root@localhost:~# cat pylint-sonar-rules.xml
<?xml version="1.0" encoding="utf-8"?>
<!--EXTRACTED "pylint" RULES FOR SONAR-->
<rules>
<rule key="C0102" priority="INFO">
<name>
<![CDATA[Black listed name "%s"]]> </name>
<configKey>
<![CDATA[C0102]]> </configKey>
<category name="Reliability"/>
<description>
<![CDATA[Used when the name is listed in the black list (unauthorized names).]]> </description>
</rule>
<rule key="C0103" priority="INFO">
<name>
<![CDATA[Invalid name "%s" (should match %s)]]> </name>
.......
<name>
<![CDATA[Format string dictionary key should be a string, not %s]]> </name>
<configKey>
<![CDATA[W1300]]> </configKey>
<category name="Reliability"/>
<description>
<![CDATA[Used when a format string that uses named conversion specifiers is used with a dictionary whose keys are not all strings.]]> </description>
</rule>
</rules>
======================================
Sonar Quality Analysis Rules Extractor
======================================
What is the Sonar Rules Extractor?
==================================
The extractor is a tool that extracts the violation rules from analysis tools like Cppcheck,
C++Test, Klocwork, etc. and converts them into Sonar rules.
Why converting those rules into Sonar rules?
============================================
When we are doing a conformity analysis of coding rules, the output of this analysis gives us
a link between the line of the source file where the rule has been violated and the ``ID`` of
this violated rule. An association between a rule ``ID`` and its description has to be given to
Sonar.
To take into account all the custom rules developed in the quality analysis tools, it is
necessary to have a utility which exports those tools' rules. **The Sonar Rules Extractor is there
for that.**
.. note:: Sonar has by default five kinds of rule severity: ``Blocker``, ``Critical``, ``Major``,
``Minor``, ``Info``. But it is not the case for all the analysis tools. For example, in Klocwork,
the severities are represented by numbers : 1 (Critical) to 10 (Info).
The *Sonar Rules Extractor* will have a mapping of those levels so they mean something to Sonar.
How to install it?
==================
If you have Python **setuptools** already installed and have a direct internet connection, you just need
to run the following command: ::
root@localhost:~# easy_install -O2 sonar-rules-extractor
If Python **setuptools** is not installed, please install it first.
If you don't have a direct connection to the internet, download a package suitable to your distribution
and install it. ::
root@localhost:~# tar zxvf sonar-rules-extractor*.tar.gz
...
root@localhost:~# cd sonar-rules-extractor*
root@localhost:~# python setup.py install -O2
...
root@localhost:~#
For windows users who don't want to run the command line installer, there is a native ``.exe`` package.
How to extract rules from code analysis tools?
==============================================
The **Sonar Rules Extractor** comes with a command line tool ``sonar-rules-extractor``. You can run it
with the ``--help`` option to get info. ::
root@localhost:~# sonar-rules-extractor --help
Usage: sonar-rules-extractor [options] tool <input args...>
<input args...> depend on the tool. Generally, if no args are provided,
standard input is read.
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-p MODULE, --plugin=MODULE
Before extraction, import the specified module and
look for classes that inherit "Extractor" which can be
used in addtion to the built-in ones. This option can
be used multiple times.
-f, --format-xml Pretty format XML output.
-l, --list-tools List all available tools.
You can get the list of available supported tools with this command: ::
root@localhost:~# sonar-rules-extractor --list-tools
pylint, klocwork, cpptest, gnatcheck, qac, qacpp, cppcheck, logiscope
Here is an example extraction for PyLint: ::
root@localhost:~# pylint --list-msgs | sonar-rules-extractor pylint --format-xml > pylint-sonar-rules.xml
root@localhost:~# cat pylint-sonar-rules.xml
<?xml version="1.0" encoding="utf-8"?>
<!--EXTRACTED "pylint" RULES FOR SONAR-->
<rules>
<rule key="C0102" priority="INFO">
<name>
<![CDATA[Black listed name "%s"]]> </name>
<configKey>
<![CDATA[C0102]]> </configKey>
<category name="Reliability"/>
<description>
<![CDATA[Used when the name is listed in the black list (unauthorized names).]]> </description>
</rule>
<rule key="C0103" priority="INFO">
<name>
<![CDATA[Invalid name "%s" (should match %s)]]> </name>
.......
<name>
<![CDATA[Format string dictionary key should be a string, not %s]]> </name>
<configKey>
<![CDATA[W1300]]> </configKey>
<category name="Reliability"/>
<description>
<![CDATA[Used when a format string that uses named conversion specifiers is used with a dictionary whose keys are not all strings.]]> </description>
</rule>
</rules>
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
sonar-rules-extractor-1.1.tar.gz
(13.3 kB
view details)
Built Distribution
sonar-rules-extractor-1.1.win32.exe
(221.7 kB
view details)
File details
Details for the file sonar-rules-extractor-1.1.tar.gz.
File metadata
- Download URL: sonar-rules-extractor-1.1.tar.gz
- Upload date:
- Size: 13.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 2e96b056cd3deba2d8506efac2f3f8144a5df856c847028328fbbd012084ca13 |
|
| MD5 | ed6894d0a530b82f33403fef5e6c8bf5 |
|
| BLAKE2b-256 | 48cdb0b70894344f17acea86105d35ba12cadce6c5aae4c44292ca883d273b21 |
File details
Details for the file sonar-rules-extractor-1.1.win32.exe.
File metadata
- Download URL: sonar-rules-extractor-1.1.win32.exe
- Upload date:
- Size: 221.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 38a56e78a632f6500949361343e0512afa38a258758afdcf634b82ea0b7cd4da |
|
| MD5 | ac103e744600eae0a9265791f9e5b632 |
|
| BLAKE2b-256 | 5f1e3179900623d429fc0ea340d68470c6ab990f8c8cbff8c74558e171bb07d4 |
